[JENKINS-36720] Investigate/cleanup medium-severity FindBugs issues in the Jenkins core

[timja]

Currently FindBugs settings ignore all medium-priority issues. It's bad, because this level contains NPE checks and other serious issues.

TODOs:

• Remove filtering of medium-priority issues by setting Medium
• Investigate error codes, add low-important once to the ignore list
• Fix important issues in small pull requests

This task can be handled by multiple contributors!

---

Originally reported by oleg_nenashev, imported from: Investigate/cleanup medium-severity FindBugs issues in the Jenkins core

• assignee: stefan_spieker
• status: In Progress
• priority: Minor
• resolution: Unresolved
• imported: 2022/01/10

[timja]

oleg_nenashev:

Summary:

• 2 issues in CLI
• 477 issues in the core

The output is too long to be published as text, I'll attach it

[timja]

scm_issue_link:

Code changed in jenkins
User: Oleg Nenashev
Path:
pom.xml
http://jenkins-ci.org/commit/jenkins/6ca0d754c5cba97613bc8b1e7b33327119fbf79c
Log:
JENKINS-36720 - FindBugs. Reduse threshold to Medium

[timja]

oleg_nenashev:

It's actually newbie-friendly. Anyone can pick the core, run FindBugs and then cleanup something from the report. This issue is rather a milestone for such kind of activities

[timja]

danielbeck:

Is this done completely in 2.191, or just partially?

[timja]

stefan_spieker:

There are several PRs done for this and there are more to come. This is a quite huge task. I think we would be down to 400 spotbugs issues if all PRs would be merged. So I guess this will be in progress for a longer while

[timja]

oleg_nenashev:

I am thinking about Highlighting this story for Hacktoberfest. WDYT stefan_spieker?

[timja]

stefan_spieker:

oleg_nenashev: Yes. That is a good idea. We have a lot issues still to solve. Maybe you should mention then that changing in the main pom the line 109 with this : Medium is enough to get all spotbugs issues.

[timja]

stefan_spieker:

Current status:

[INFO] Total bugs: 400

[timja]

oleg_nenashev:

Ugh. But it is still a  very good progress, thanks!

[timja]

stefan_spieker:

We are on a good way, but still some steps to go:

[java] Warnings generated: 362

 

[timja]

oleg_nenashev:

Thanks for your hard work stefan_spieker! I really look forward to introduce stricter requirements at some point

[timja]

raihaan:

Probably due to findsecbugs we are at [java] Warnings generated: 591 right now

[timja]

[Epic: JENKINS-36716]